Module 18 (Privilege Escalation)

How to escalate your privileges?

  • Manual Enumeration

    • Enumeration Users

      • whoami - id - net user (win)

    • Enumeration Hostname

      • Hostname

      • Systeminfo

      • uname -a and /etc/issue, /etc/*-release

    • Enumeration Running Processes and Services

      • tasklist /svc => Windows

      • ps aux => linux

    • Enumeration Network

      • Open ports

  • Enumeration Firewall Status and Rules

    • netsh advfirewall show currentprofile

    • netsh advfirewall firewall show rule name=all

  • Enumeration scheduled Tasks

    • schtasks /query /fo LIST /v

    • ls -lah /etc/cron*

Enumeration Installed Applications and Patch Levels

  • wmic product get name, version, vendor

  • wmic qfe get Caption, Description, HotFixID, installedOn

  • dpkg -l

Windows

Linux

  • Enumeration Readable/Writable Files and Directories

  • Enumeration Unmounted Disks

  • Enumeration Device Drivers and Kernel Modules

Linux
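
The scheduled-task and writable-file checks above come down to one question an administrator can answer ahead of time: can anyone other than the owner modify a file that cron will run? The following is an added example, not part of the original notes; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: permission audit for scheduled-task files (hardening check).
# Function names and the sample tree are constructed for illustration.

# audit_writable PATH...
# Report files and directories that group or other users can modify.
audit_writable() {
    for root in "$@"; do
        [ -e "$root" ] || continue   # skip paths that do not exist on this host
        # Writable by everyone: highest priority to fix.
        find "$root" \( -type f -o -type d \) -perm -002 -print 2>/dev/null |
            sed 's/^/WORLD-WRITABLE /'
        # Writable by the owning group only: review group membership.
        find "$root" \( -type f -o -type d \) -perm -020 ! -perm -002 -print 2>/dev/null |
            sed 's/^/GROUP-WRITABLE /'
    done
}

# make_sample_tree
# Build a constructed cron-like tree with mixed modes and print its path.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/cron.d" "$d/cron.daily"
    : > "$d/crontab";           chmod 644 "$d/crontab"
    : > "$d/cron.d/backup";     chmod 666 "$d/cron.d/backup"
    : > "$d/cron.daily/rotate"; chmod 775 "$d/cron.daily/rotate"
    chmod 755 "$d/cron.d" "$d/cron.daily"
    printf '%s\n' "$d"
}

# Demo on the constructed tree. On a real host, pass the cron paths instead,
# e.g. audit_writable /etc/crontab /etc/cron.d /etc/cron.daily
sample=$(make_sample_tree)
audit_writable "$sample"
rm -rf "$sample"
```

Any line this prints for a real cron path is a finding: tighten the mode to 644 (files) or 755 (directories) and confirm the owner is root.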
